Advertise on Bikeforums.net



User Tag List

Results 1 to 24 of 24
  1. #1
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Need CPU help...bad...

    Google search keeps redirecting on me...the listing is right, but the actual web adresses are different....I was looking for an outdoor shop by me, and the listing was good, but then some stupid other website poped up. Anybody know what this might be??? AVG and malwarebytes aren't picking anything up...
    " The love you withhold is the pain you carry, lifetime after lifetime."

  2. #2
    Senior Member MrCrassic's Avatar
    Join Date
    Jun 2007
    Location
    Brooklyn, NY
    My Bikes
    2008 Giant OCR1 (with panda bear on the back!)
    Posts
    3,648
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Congratulations! You have a textbook case of spyware on your hands. AVG and company won't pick it up because it's able to circumvent detection, and your web addresses are being redirected most likely becuase your not using the real Google, but a compromised version.

    What you can try and do is use AVG or any malware scanner to run a scan in safe mode, which will probably surface the problem. What would help more is if you could post a screenshot of your task manager. To open it, hit the CTRL+ALT+ESC buttons simultaneously.
    Ride more.

    Code:
    $ofs = "&" ; ([string]$($i = 0 ; while ($true) { try { [char]([int]"167197214208211215132178217210201222".substring($i,3) - 100) ; $i =
     $i+3 > catch { break >>)).replace('&','') ; $ofs=" " # Replace right angles with right curly braces

  3. #3
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    awesome...here comes the dumb noob question, ........I have no idea how to post a screen shot...
    " The love you withhold is the pain you carry, lifetime after lifetime."

  4. #4
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ....and the control alt esc thing aint working....
    " The love you withhold is the pain you carry, lifetime after lifetime."

  5. #5
    T-Shirt Guy ehidle's Avatar
    Join Date
    Jul 2008
    Location
    Lansdale, PA
    My Bikes
    2005 Fuji Team Issue, 2007 Fuji SL-1
    Posts
    464
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by lodi781 View Post
    Google search keeps redirecting on me...the listing is right, but the actual web adresses are different....I was looking for an outdoor shop by me, and the listing was good, but then some stupid other website poped up. Anybody know what this might be??? AVG and malwarebytes aren't picking anything up...
    CCleaner is your only hope here. CCleaner uses the Windows Recovery Console to quarantine the entire drive and scan before anything has a chance to load into memory.

    It's complicated to install and use, but it will probably save you.
    Yellow + Blue Jerseys!

    Get your Cranky T-Shirt!
    Men's
    and Women's designs available

  6. #6
    la vache fantôme phantomcow2's Avatar
    Join Date
    Aug 2004
    Location
    NH
    Posts
    6,266
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    To take a screenshot: press the "PrtScrn" button on your keyboard. You'll probably find it around the top right corner.

    One might also try the program "HijackThis."
    C://dos
    C://dos.run
    run.dos.run

  7. #7
    Senior Member deraltekluge's Avatar
    Join Date
    Sep 2006
    My Bikes
    Kona Cinder Cone, Sun EZ-3 AX
    Posts
    1,195
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by lodi781 View Post
    ....and the control alt esc thing aint working....
    That's because it's CTRL + ALT + DEL that opens the Task Manager. Alternatively, right-click on an unused section of the Task Bar, and then select Task Manager from the pop-up menu. PrintScreen does the screen capture, and puts an image of your screen onto your Clip Board. Do you need instructions on how to get from there to posting it? There's a long thread on the Forum Suggestions & User Assistance forum...How do I post pictures?, but first you have to make a file from that image you captured. You can paste it into an image processing program (even Paint will do), and do a "Save As..."

  8. #8
    Unique Vintage Steel cuda2k's Avatar
    Join Date
    May 2005
    Location
    Allen, TX
    My Bikes
    Kirk Frameworks JKS-C, Serotta Nova, Gazelle AB-Frame, Fuji Team Issue, Schwinn Crosscut, All-City Space Horse
    Posts
    11,486
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Had the exact same thing happen to my laptop last night. Realized something was fishy when the icon up in the address bar was not the usual when using Google but some stylized G that was supposed to look like a "Google" thing. That and the funky search results.

    My solution - took it as an excuse to format the drive which I'd been meaning to do for a while. Decided to throw Vista on it as well since I don't do anything with that laptop that would be happier under XP.
    [CENTER][URL="http://VeloBase.com"][IMG]http://velobase.com/App_Themes/VeloBase2_blue/Images/VeloBase2TitleCampagnolo.jpg[/IMG][/URL][/CENTER]
    [CENTER][URL="http://JonPFischer.com"][COLOR="#006400"]Fischer Photography[/COLOR][/URL] - [URL="http://www.bikeforums.net/showthread.php/785462-My-new-modern-quot-Classic-quot-Kirk-JKS-Classic-Terraplane"][COLOR="#8b0000"]Kirk Frameworks JKS-Classic Build Thread[/COLOR][/URL][/CENTER]

  9. #9
    Arsehole PlatyPius's Avatar
    Join Date
    Jul 2008
    Posts
    2,278
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by phantomcow2 View Post
    To take a screenshot: press the "PrtScrn" button on your keyboard. You'll probably find it around the top right corner.

    One might also try the program "HijackThis."
    I second this. HijackThis is on my all-time best programs list.

    Panda AV catches most everything, btw. You can run an online scan for free - if you can get to the site.

    Also, sometimes google search results aren't what they appear.... beware.

  10. #10
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you everyboby!...just got back home, and i'll try everything you guys said starting with hijackthis...give me a sec to post my screenshot...
    " The love you withhold is the pain you carry, lifetime after lifetime."

  11. #11
    la vache fantôme phantomcow2's Avatar
    Join Date
    Aug 2004
    Location
    NH
    Posts
    6,266
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    oh, I forgot to post the second half of the screenshot instructions:
    Go into paint and paste in the image (control+v)
    C://dos
    C://dos.run
    run.dos.run

  12. #12
    Crankenstein bmclaughlin807's Avatar
    Join Date
    May 2006
    Location
    Spokane
    My Bikes
    Novara Randonee (TankerBelle)
    Posts
    4,038
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You all scare me... I'd NEVER recommend Hijack this to someone that didn't know what they were doing...

    Try malware bytes and combofix from safe mode... those two will take care of most issues you might have.
    "There is no greater wonder than the way the face and character of a woman fit so perfectly in a man's mind, and stay there, and he could never tell you why. It just seems it was the thing he most wanted." Robert Louis Stevenson

  13. #13
    phony collective progress x136's Avatar
    Join Date
    Sep 2006
    Location
    San Hoosey
    My Bikes
    http://velospace.org/user/36663
    Posts
    2,958
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cuda2k View Post
    the icon up in the address bar was not the usual when using Google but some stylized G that was supposed to look like a "Google" thing.
    Google changed their favicon very recently.


  14. #14
    Senior Member
    Join Date
    May 2004
    Posts
    1,225
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    My canned response to problems like this is to just HTFU and reinstall windows. I think in the long run, you come out ahead in terms of time spent screwing around with it if you just do that, as opposed to trying a bunch of different "anti-spyware" apps that aren't able to fully undo the damage done by whatever malware you happen to have.

    Obviously, you should back up your valuable data first.

  15. #15
    la vache fantôme phantomcow2's Avatar
    Join Date
    Aug 2004
    Location
    NH
    Posts
    6,266
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by bmclaughlin807 View Post
    You all scare me... I'd NEVER recommend Hijack this to someone that didn't know what they were doing...
    You have an excellent point!
    C://dos
    C://dos.run
    run.dos.run

  16. #16
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by phantomcow2 View Post
    You have an excellent point!
    Ya, this whole thing is turning into colossal abortion anyways..........
    " The love you withhold is the pain you carry, lifetime after lifetime."

  17. #17
    la vache fantôme phantomcow2's Avatar
    Join Date
    Aug 2004
    Location
    NH
    Posts
    6,266
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What happened? There are enough knowledgeable people on this forum that you can probably get help if you post details.
    C://dos
    C://dos.run
    run.dos.run

  18. #18
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have to try to restart in safe mode...not real good with computers ( in case you missed that) But, in short, my screen shot thing isn't working, no idea, maybe the drivers didn't load right when I got my new keyboard(kensington). I can't download that hijackthis thing even if I wanted to because I can't get it to google ( or yahoo or anything else) and wouldn't know what to do with it even if I did get it to download. So i'll try the safe mode thing with malwarebytes and avg, and if that doesn't work, i'll re- load xp.
    " The love you withhold is the pain you carry, lifetime after lifetime."

  19. #19
    Unique Vintage Steel cuda2k's Avatar
    Join Date
    May 2005
    Location
    Allen, TX
    My Bikes
    Kirk Frameworks JKS-C, Serotta Nova, Gazelle AB-Frame, Fuji Team Issue, Schwinn Crosscut, All-City Space Horse
    Posts
    11,486
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by x136 View Post
    Google changed their favicon very recently.

    it wasn't that one. It was a white G with different colors in each "corner" and inside the loops of the G.

    Quote Originally Posted by RazorWind View Post
    My canned response to problems like this is to just HTFU and reinstall windows. I think in the long run, you come out ahead in terms of time spent screwing around with it if you just do that, as opposed to trying a bunch of different "anti-spyware" apps that aren't able to fully undo the damage done by whatever malware you happen to have.

    Obviously, you should back up your valuable data first.
    More or less the conclusion I came to. hadn't been done since I got my laptop (bout 2 years ago), but also didn't have much on it as I had planned to send it in for repair on the monitor cable a while back but never did (fixed it myself).

    Quote Originally Posted by lodi781 View Post
    I have to try to restart in safe mode...not real good with computers ( in case you missed that) But, in short, my screen shot thing isn't working, no idea, maybe the drivers didn't load right when I got my new keyboard(kensington). I can't download that hijackthis thing even if I wanted to because I can't get it to google ( or yahoo or anything else) and wouldn't know what to do with it even if I did get it to download. So i'll try the safe mode thing with malwarebytes and avg, and if that doesn't work, i'll re- load xp.
    Good Luck!
    [CENTER][URL="http://VeloBase.com"][IMG]http://velobase.com/App_Themes/VeloBase2_blue/Images/VeloBase2TitleCampagnolo.jpg[/IMG][/URL][/CENTER]
    [CENTER][URL="http://JonPFischer.com"][COLOR="#006400"]Fischer Photography[/COLOR][/URL] - [URL="http://www.bikeforums.net/showthread.php/785462-My-new-modern-quot-Classic-quot-Kirk-JKS-Classic-Terraplane"][COLOR="#8b0000"]Kirk Frameworks JKS-Classic Build Thread[/COLOR][/URL][/CENTER]

  20. #20
    phony collective progress x136's Avatar
    Join Date
    Sep 2006
    Location
    San Hoosey
    My Bikes
    http://velospace.org/user/36663
    Posts
    2,958
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cuda2k View Post
    it wasn't that one. It was a white G with different colors in each "corner" and inside the loops of the G.
    That's exactly what I posted. You must have a cache issue or something. <-- That?

  21. #21
    was kung-fu fighting lodi781's Avatar
    Join Date
    May 2006
    Location
    Connecticut
    My Bikes
    '00 schwinn moab disk/06 specialized stumpy fsr expert, 06 look565
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by x136 View Post
    That's exactly what I posted. You must have a cache issue or something. <-- That?
    Yep, thats what I got...my buddy just told me to try smitfraudfix...we'll see if that works....
    " The love you withhold is the pain you carry, lifetime after lifetime."

  22. #22
    Señor Member USAZorro's Avatar
    Join Date
    Oct 2004
    Location
    Carlisle, PA
    My Bikes
    1954 Hetchins M.O., 1959 Viking Severn Valley, 1970 Raleigh Pro, 1972 Fuji "The Finest", 1974 Raleigh Superbe&Comp, 1976 Raleigh Team Pro, 1994 Trek 830 MTB, 2000 Bob Jackson Arrowhead, Unicycle
    Posts
    13,034
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cuda2k View Post
    ... Decided to throw Vista on it as well ...
    There's a mistake.
    The search for inner peace continues...

  23. #23
    Pwnerer Wordbiker's Avatar
    Join Date
    Jun 2005
    Location
    Pagosa Springs, CO, USA
    My Bikes
    Road, MTB, Cruiser, Chopper, BMX
    Posts
    2,880
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by lodi781 View Post
    I have to try to restart in safe mode....
    Go to Start>Run>type "MSCONFIG">OK.

    Click the BOOT.INI tab and check /SAFEBOOT, then click OK.

    Now every time the computer reboots you'll be in safe mode until you go through that same process and uncheck the /SAFEBOOT box.

    I've found that very handy for running multiple scans and antivirus apps.
    Quote Originally Posted by ahsposo View Post
    Ski, bike and wish I was gay.

  24. #24
    Unique Vintage Steel cuda2k's Avatar
    Join Date
    May 2005
    Location
    Allen, TX
    My Bikes
    Kirk Frameworks JKS-C, Serotta Nova, Gazelle AB-Frame, Fuji Team Issue, Schwinn Crosscut, All-City Space Horse
    Posts
    11,486
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    x136 - yeah that was the one. Guess it wasn't being injected by the malware. Which I thought would have been endlessly stupid for a malware developer to do in the first place.
    [CENTER][URL="http://VeloBase.com"][IMG]http://velobase.com/App_Themes/VeloBase2_blue/Images/VeloBase2TitleCampagnolo.jpg[/IMG][/URL][/CENTER]
    [CENTER][URL="http://JonPFischer.com"][COLOR="#006400"]Fischer Photography[/COLOR][/URL] - [URL="http://www.bikeforums.net/showthread.php/785462-My-new-modern-quot-Classic-quot-Kirk-JKS-Classic-Terraplane"][COLOR="#8b0000"]Kirk Frameworks JKS-Classic Build Thread[/COLOR][/URL][/CENTER]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •